--- kind: Service apiVersion: v1 metadata: namespace: {{ awx_kubernetes_namespace }} name: rabbitmq labels: app: rabbitmq type: LoadBalancer spec: type: NodePort ports: - name: http protocol: TCP port: 15672 targetPort: 15672 nodePort: 31672 - name: amqp protocol: TCP port: 5672 targetPort: 5672 nodePort: 30672 selector: app: rabbitmq --- apiVersion: v1 kind: ConfigMap metadata: name: rabbitmq-config namespace: {{ awx_kubernetes_namespace }} data: enabled_plugins: | [rabbitmq_management,rabbitmq_peer_discovery_k8s]. rabbitmq.conf: | default_user = awx default_pass = abcdefg default_vhost = awx ## Clustering cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s cluster_formation.k8s.host = kubernetes.default.svc.cluster.local cluster_formation.k8s.address_type = ip cluster_formation.node_cleanup.interval = 10 cluster_formation.node_cleanup.only_log_warning = false cluster_partition_handling = autoheal ## queue master locator queue_master_locator=min-masters ## enable guest user loopback_users.guest = false --- apiVersion: v1 kind: ServiceAccount metadata: name: rabbitmq namespace: {{ awx_kubernetes_namespace }} {% if kubernetes_context is defined %} --- kind: Role apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: endpoint-reader namespace: {{ awx_kubernetes_namespace }} rules: - apiGroups: [""] resources: ["endpoints"] verbs: ["get"] --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: endpoint-reader namespace: {{ awx_kubernetes_namespace }} subjects: - kind: ServiceAccount name: rabbitmq roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: endpoint-reader {% endif %} {% if openshift_host is defined %} --- kind: Role apiVersion: v1 metadata: name: endpoint-reader namespace: {{ awx_kubernetes_namespace }} rules: - apiGroups: [""] resources: ["endpoints"] verbs: ["get"] --- kind: RoleBinding apiVersion: v1 metadata: name: endpoint-reader namespace: {{ awx_kubernetes_namespace }} roleRef: name: endpoint-reader namespace: {{ awx_kubernetes_namespace }} subjects: - kind: ServiceAccount name: rabbitmq namespace: {{ awx_kubernetes_namespace }} userNames: - system:serviceaccount:{{ awx_kubernetes_namespace }}:rabbitmq {% endif %} --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: awx namespace: {{ awx_kubernetes_namespace }} spec: replicas: 1 template: metadata: labels: name: awx-web-deploy service: django app: rabbitmq spec: serviceAccountName: rabbitmq containers: - name: awx-web image: {{ awx_web_kubernetes_image }} imagePullPolicy: Always ports: - containerPort: 8052 volumeMounts: - mountPath: /etc/tower name: awx-application-config resources: requests: memory: "{{ awx_web_mem_request }}Gi" cpu: "{{ awx_web_cpu_request }}m" - name: awx-celery image: {{ awx_task_kubernetes_image }} imagePullPolicy: Always volumeMounts: - mountPath: /etc/tower name: awx-application-config env: - name: DATABASE_USER value: {{ pg_username }} - name: DATABASE_NAME value: {{ pg_database }} - name: DATABASE_HOST value: {{ pg_hostname|default('postgresql') }} - name: DATABASE_PORT value: "{{ pg_port|default('5432') }}" - name: DATABASE_PASSWORD value: {{ pg_password }} - name: MEMCACHED_HOST value: {{ memcached_hostname|default('localhost') }} - name: RABBITMQ_HOST value: {{ rabbitmq_hostname|default('localhost') }} - name: AWX_ADMIN_USER value: {{ default_admin_user|default('admin') }} - name: AWX_ADMIN_PASSWORD value: {{ default_admin_password|default('password') }} resources: requests: memory: "{{ awx_task_mem_request }}Gi" cpu: "{{ awx_task_cpu_request }}m" - name: awx-rabbit image: ansible/awx_rabbitmq:{{ rabbitmq_version }} imagePullPolicy: Always ports: - name: http protocol: TCP containerPort: 15672 - name: amqp protocol: TCP containerPort: 5672 livenessProbe: exec: command: ["rabbitmqctl", "status"] initialDelaySeconds: 30 timeoutSeconds: 10 readinessProbe: exec: command: ["rabbitmqctl", "status"] initialDelaySeconds: 10 timeoutSeconds: 10 env: - name: MY_POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: RABBITMQ_USE_LONGNAME value: "true" - name: RABBITMQ_NODENAME value: "rabbit@$(MY_POD_IP)" - name: K8S_SERVICE_NAME value: "rabbitmq" - name: RABBITMQ_ERLANG_COOKIE value: "cookiemonster" volumeMounts: - name: rabbitmq-config mountPath: /etc/rabbitmq resources: requests: memory: "{{ awx_rabbitmq_mem_request }}Gi" cpu: "{{ awx_rabbitmq_cpu_request }}m" - name: awx-memcached image: memcached resources: requests: memory: "{{ awx_memcached_mem_request }}Gi" cpu: "{{ awx_memcached_cpu_request }}m" volumes: - name: awx-application-config configMap: name: awx-config items: - key: awx_settings path: settings.py - key: secret_key path: SECRET_KEY - name: rabbitmq-config configMap: name: rabbitmq-config items: - key: rabbitmq.conf path: rabbitmq.conf - key: enabled_plugins path: enabled_plugins --- apiVersion: v1 kind: Service metadata: name: awx-web-svc namespace: {{ awx_kubernetes_namespace }} labels: name: awx-web-svc spec: type: "NodePort" ports: - name: http port: 80 targetPort: 8052 selector: name: awx-web-deploy --- apiVersion: v1 kind: Service metadata: name: awx-rmq-mgmt namespace: {{ awx_kubernetes_namespace }} labels: name: awx-rmq-mgmt spec: type: ClusterIP ports: - name: rmqmgmt port: 15672 targetPort: 15672 selector: name: awx-web-deploy {% if kubernetes_context is defined %} --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: awx-web-svc namespace: {{ awx_kubernetes_namespace }} spec: backend: serviceName: awx-web-svc servicePort: 80 {% endif %} {% if openshift_host is defined %} --- apiVersion: v1 kind: Route metadata: name: awx-web-svc namespace: {{ awx_kubernetes_namespace }} spec: port: targetPort: http tls: insecureEdgeTerminationPolicy: Allow termination: edge to: kind: Service name: awx-web-svc weight: 100 wildcardPolicy: None {% endif %}